# File-Validation: SHA-2

#### **IMPORTANT!**
This is a follow-up on my [MD5 Tutorial](https://notabug.org/jayvii/Tutorials/src/master/Security/Integrity/File-Validation:%20MD5).
If you haven't read that one, you should do so **NOW**!
It might be vitally important for newcomers to understand this Tutorial and also inlcudes important information about Checksums and why we need them.


## Table of Contents
1. [Introduction: SHA?!](#introduction-sha)
	* [Field of use](#field-of-use)
	* [Security / Reliability](#security--reliability)
2. [SHA-2 on Linux](#sha-2-on-linux)
	* [SHA-2 check on a CD](#sha-2-check-on-a-cd)
3. [SHA-2 on other OS's](#sha-2-on-other-oss)
	* [SHA-2 on Windows](#sha-2-on-windows)
	* [SHA-2 on OSX](#sha-2-on-osx)
	* [SHA-2 on BSD](#sha-2-on-bsd)
	* [SHA-2 on Solaris](#sha-2-on-solaris)
4. [Sources / Referal Links](#sources-and-referal-links)

## Introduction: SHA?!
Since [I already mentioned, what Checksums are](https://notabug.org/jayvii/Tutorials/src/master/Security/Integrity/File-Validation:%20MD5#checksums), we can jump right into *"Secure Hash Algorithm"*, this time.
The SHA-family is another cryptographic hash function group, published by the US [National Institute of Standards and Technology (NIST)](http://www.nist.gov/).
To be more precise, SHA-2 - the algorithm we are looking at here - is designed and developed by the US [National Security Agency (NSA)](https://www.nsa.gov/), that - surprisingly enough - contributes a whole lot to opensource projects, **especially** security-centered ones.

When it's predecessor SHA-1 was found to be rather weak in terms of collision resistance in 2005, SHA-2 mostly replaced it, whenever it was inteded for checking digital signatures (authencity) or integrity - which is, what **we** will use it for. Eventhough SHA-2 shares some similarities with SHA-1, it is yet to be found flawed. As of now (Feb 2016), SHA-2 can be considered reliable and save.

SHA-2 can consist of six hash-values, that are either 224, 256, 384 or 512 bits, whereas the most common ones are 256 or 512.

### Field of use
The SHA-family and with that SHA-2 are not only used for integrity-checks, but also for encryption (most Linux-Systems use 512bit SHA-2 for password-encryption) and authencity checks.
SHA-2 is also used in several widespread security-applications & -protocols, such as TLS, SSL, SSH, PGP and more.

### Security / Reliability
As mentioned [above](#introduction-sha), SHA-2 still is considered secure. Eitherway, there are a bunch of partial successes, when trying to create a hash-collision (producing the same output-hash for two different inputs).
When trying to create a collision, test-algorithms do [bruteforce-searches](https://en.wikipedia.org/wiki/Brute-force_attack) and [birthday-attacks](https://en.wikipedia.org/wiki/Birthday_attack).
* [D. Khovratovich, C. Rechberger, A. Savelieva - Bicliques for Preimages](https://eprint.iacr.org/2011/286.pdf)
* [M. Lamberger, F. Mendel - Higher-Order Diffential Attack on Reduced SHA-256](https://eprint.iacr.org/2011/037.pdf)
* [S. K. Sanadhya, P. Sarkar - New Collision attacks Against Up To 24-step SHA-2](https://eprint.iacr.org/2008/270.pdf)
* [J. Guo, S. Ling, C. Rechberger, H. Wang - Advanced Meet-in-the-Middle Preimage Attacks](https://eprint.iacr.org/2010/016.pdf)


## SHA-2 on Linux
Just like with [Message Digest 5 (MD5)](https://notabug.org/jayvii/Tutorials/src/master/Security/Integrity/File-Validation:%20MD5#md5-on-linux), Linux-Distributions offer a simple and handy tool to output a file's hash.
*"sha256sum"* and *"sha512sum"* work pretty much exactly like *"md5sum"*, from the user's point of view. However, we will use *"shasum"* which is a bit more versatile, due to the possibility of parsing any supported bit-size with the *"-a"* flag. Supported bit-sizes are: **224**, **256**, **384**, **512**, **512224** (512/224),**512256** (512/256)
Again, this is most-likely pre-installed in your Distribution, as part of the core-system.
Also, I will use the [64-bit standard live CD-image of Debian 8.3](http://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/debian-live-8.3.0-amd64-standard.iso) for my examples (Debian updated their images in those few days between my Tutorials).

**Note:** since any supported bit-size can be parsed to *"shasum"* with the *"-a"* flag, I will only show the 256-bit commands.

Assuming, our ISO has been downloaded into your Downloads-folder, into which we already navigated, we can simply receive its hash with:
`shasum -a 256 debian-live-8.3.0-amd64-standard.iso`

The Output will look similar to this:
`4fb456f0b1a5d4b06811514533b876e0979be4938731108620fb0f799449159c  debian-live-8.3.0-amd64-standard.iso`

Now, you can compare the output-hash with the appropiate one in the [SHA256SUMS-textfile](http://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/SHA256SUMS), respectively the [SHA512SUMS-textfile](http://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/SHA512SUMS).


Just like with *"md5sums"*, you can automate the comparing-process, by passing the texfile to *"shasum"* with the *"-c"* flag.
Note, that **BOTH** files (ISO and textfile) have to be in your current directory:
`shasum -a 256 -c SHA256SUM`

The output will be a wall of text, similar to following. The important part is the **"debian-live-8.3.0-amd64-standard.iso: OK"**:
```
shasum: debian-live-8.3.0-amd64-cinnamon-desktop.iso: 
debian-live-8.3.0-amd64-cinnamon-desktop.iso: FAILED open or read
shasum: debian-live-8.3.0-amd64-cinnamon-desktop.iso.contents: No such file or directory
debian-live-8.3.0-amd64-cinnamon-desktop.iso.contents: FAILED open or read
shasum: debian-live-8.3.0-amd64-cinnamon-desktop.iso.log: No such file or directory
debian-live-8.3.0-amd64-cinnamon-desktop.iso.log: FAILED open or read
shasum: debian-live-8.3.0-amd64-cinnamon-desktop.iso.packages: No such file or directory
debian-live-8.3.0-amd64-cinnamon-desktop.iso.packages: FAILED open or read
shasum: debian-live-8.3.0-amd64-cinnamon-desktop.iso.zsync: No such file or directory
debian-live-8.3.0-amd64-cinnamon-desktop.iso.zsync: FAILED open or read
shasum: debian-live-8.3.0-amd64-gnome-desktop.iso: No such file or directory
debian-live-8.3.0-amd64-gnome-desktop.iso: FAILED open or read
shasum: debian-live-8.3.0-amd64-gnome-desktop.iso.contents: No such file or directory
debian-live-8.3.0-amd64-gnome-desktop.iso.contents: FAILED open or read
shasum: debian-live-8.3.0-amd64-gnome-desktop.iso.log: No such file or directory
debian-live-8.3.0-amd64-gnome-desktop.iso.log: FAILED open or read
shasum: debian-live-8.3.0-amd64-gnome-desktop.iso.packages: No such file or directory
debian-live-8.3.0-amd64-gnome-desktop.iso.packages: FAILED open or read
shasum: debian-live-8.3.0-amd64-gnome-desktop.iso.zsync: No such file or directory
debian-live-8.3.0-amd64-gnome-desktop.iso.zsync: FAILED open or read
shasum: debian-live-8.3.0-amd64-kde-desktop.iso: No such file or directory
debian-live-8.3.0-amd64-kde-desktop.iso: FAILED open or read
shasum: debian-live-8.3.0-amd64-kde-desktop.iso.contents: No such file or directory
debian-live-8.3.0-amd64-kde-desktop.iso.contents: FAILED open or read
shasum: debian-live-8.3.0-amd64-kde-desktop.iso.log: No such file or directory
debian-live-8.3.0-amd64-kde-desktop.iso.log: FAILED open or read
shasum: debian-live-8.3.0-amd64-kde-desktop.iso.packages: No such file or directory
debian-live-8.3.0-amd64-kde-desktop.iso.packages: FAILED open or read
shasum: debian-live-8.3.0-amd64-kde-desktop.iso.zsync: No such file or directory
debian-live-8.3.0-amd64-kde-desktop.iso.zsync: FAILED open or read
shasum: debian-live-8.3.0-amd64-lxde-desktop.iso: No such file or directory
debian-live-8.3.0-amd64-lxde-desktop.iso: FAILED open or read
shasum: debian-live-8.3.0-amd64-lxde-desktop.iso.contents: No such file or directory
debian-live-8.3.0-amd64-lxde-desktop.iso.contents: FAILED open or read
shasum: debian-live-8.3.0-amd64-lxde-desktop.iso.log: No such file or directory
debian-live-8.3.0-amd64-lxde-desktop.iso.log: FAILED open or read
shasum: debian-live-8.3.0-amd64-lxde-desktop.iso.packages: No such file or directory
debian-live-8.3.0-amd64-lxde-desktop.iso.packages: FAILED open or read
shasum: debian-live-8.3.0-amd64-lxde-desktop.iso.zsync: No such file or directory
debian-live-8.3.0-amd64-lxde-desktop.iso.zsync: FAILED open or read
shasum: debian-live-8.3.0-amd64-mate-desktop.iso: No such file or directory
debian-live-8.3.0-amd64-mate-desktop.iso: FAILED open or read
shasum: debian-live-8.3.0-amd64-mate-desktop.iso.contents: No such file or directory
debian-live-8.3.0-amd64-mate-desktop.iso.contents: FAILED open or read
shasum: debian-live-8.3.0-amd64-mate-desktop.iso.log: No such file or directory
debian-live-8.3.0-amd64-mate-desktop.iso.log: FAILED open or read
shasum: debian-live-8.3.0-amd64-mate-desktop.iso.packages: No such file or directory
debian-live-8.3.0-amd64-mate-desktop.iso.packages: FAILED open or read
shasum: debian-live-8.3.0-amd64-mate-desktop.iso.zsync: No such file or directory
debian-live-8.3.0-amd64-mate-desktop.iso.zsync: FAILED open or read
debian-live-8.3.0-amd64-standard.iso: OK
shasum: debian-live-8.3.0-amd64-standard.iso.contents: No such file or directory
debian-live-8.3.0-amd64-standard.iso.contents: FAILED open or read
shasum: debian-live-8.3.0-amd64-standard.iso.log: No such file or directory
debian-live-8.3.0-amd64-standard.iso.log: FAILED open or read
shasum: debian-live-8.3.0-amd64-standard.iso.packages: No such file or directory
debian-live-8.3.0-amd64-standard.iso.packages: FAILED open or read
shasum: debian-live-8.3.0-amd64-standard.iso.zsync: No such file or directory
debian-live-8.3.0-amd64-standard.iso.zsync: FAILED open or read
shasum: debian-live-8.3.0-amd64-xfce-desktop.iso: No such file or directory
debian-live-8.3.0-amd64-xfce-desktop.iso: FAILED open or read
shasum: debian-live-8.3.0-amd64-xfce-desktop.iso.contents: No such file or directory
debian-live-8.3.0-amd64-xfce-desktop.iso.contents: FAILED open or read
shasum: debian-live-8.3.0-amd64-xfce-desktop.iso.log: No such file or directory
debian-live-8.3.0-amd64-xfce-desktop.iso.log: FAILED open or read
shasum: debian-live-8.3.0-amd64-xfce-desktop.iso.packages: No such file or directory
debian-live-8.3.0-amd64-xfce-desktop.iso.packages: FAILED open or read
shasum: debian-live-8.3.0-amd64-xfce-desktop.iso.zsync: No such file or directory
debian-live-8.3.0-amd64-xfce-desktop.iso.zsync: FAILED open or read
shasum: WARNING: 34 listed files could not be read
```

To filter out all critical error-messages, we can add *"2>&1"* to the end of our command and pipe the output into *"grep"*, so it'll only display successful matches:
`shasum -a 256 -c SHA256SUMS 2>&1 | grep OK`

The output will be a lot cleaner and easier to read:
`debian-live-8.3.0-amd64-standard.iso: OK`


### SHA-2 check on a CD
[Unlike MD5](https://notabug.org/jayvii/Tutorials/src/master/Security/Integrity/File-Validation:%20MD5#md5-check-on-a-cd), the most intuitive way of checking a CD's integrity **WILL** actually work:
`shasum -a 256 /dev/cdrom`

However, you should run *"lsblk"* prior to that, to see if *"/dev/cdrom"* is the actual device, you want to check.


## SHA-2 on other OS's
[Just like MD5](https://notabug.org/jayvii/Tutorials/src/master/Security/Integrity/File-Validation:%20MD5#md5-on-other-oss), it's also possible to check SHA-2 hashes on other OS's, like Windows, OSX, BSD and Solaris.

### SHA-2 on Windows
Oddly enough, the tool I suggested for checking [MD5-hashes on Windows](https://notabug.org/jayvii/Tutorials/src/master/Security/Integrity/File-Validation:%20MD5#md5-on-windows), only supports MD5 and SHA-1.
However, [Quick Hash GUI](http://sourceforge.net/projects/quickhash/files/) seems to be a valid alternative.

### SHA-2 on OSX
OpenSSL of newer OSX-versions should support SHA-2 hashing. The terminology is similar to [hashing MD5 on OSX](https://notabug.org/jayvii/Tutorials/src/master/Security/Integrity/File-Validation:%20MD5#md5-on-osx):
`openssl sha2 debian-live-8.3.0-amd64-standard.iso`

However, if you have an older version, I'd suggest using [Quick Hash GUI](http://sourceforge.net/projects/quickhash/files/) for OSX, as well.

### SHA-2 on BSD
The terminology for BSD's *"shasum"* is the exact same one [as on Linux based OS's](#sha-2-on-linux).

### SHA-2 on Solaris
Solaris' *"digest"* does not only [work for MD5](https://notabug.org/jayvii/Tutorials/src/master/Security/Integrity/File-Validation:%20MD5#md5-on-solaris), but also for SHA-2:
`digest -a sha256 debian-live-8.3.0-amd64-standard.iso`
`digest -a sha512 debian-live-8.3.0-amd64-standard.iso`


## Sources and referal links
* [Ubuntu: How to SHA256SUM](https://help.ubuntu.com/community/HowToSHA256SUM)
* [Arch: SHA password hashes](https://wiki.archlinux.org/index.php/SHA_password_hashes)
* [UNIX: shasum](http://www.unix.com/man-page/all/1/shasum/)
* [NIST: Secure Hashing](http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html)
* [Wikipedia: SHA-2](https://en.wikipedia.org/wiki/SHA-2)
